[Git][security-tracker-team/security-tracker][master] 2 commits: dla: typo

Sylvain Beucler (@beuc) gitlab at salsa.debian.org
Mon May 5 16:23:13 BST 2025 


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
344f29ad by Sylvain Beucler at 2025-05-05T17:23:03+02:00
dla: typo

- - - - -
50cb074c by Sylvain Beucler at 2025-05-05T17:23:05+02:00
dla: add nvidia-graphics-drivers

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -3036,7 +3036,6 @@ CVE-2024-11917 (The JobSearch WP Job Board plugin for WordPress is vulnerable to
 CVE-2025-23244 (NVIDIA GPU Display Driver for Linux contains a vulnerability which cou ...)
 	- nvidia-graphics-drivers <unfixed> (bug #1104068)
 	[bookworm] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
-	[bullseye] - nvidia-graphics-drivers <ignored> (Non-free not supported)
 	- nvidia-graphics-drivers-legacy-340xx <unfixed> (bug #1104069)
 	- nvidia-graphics-drivers-legacy-390xx <unfixed> (bug #1104070)
 	[bullseye] - nvidia-graphics-drivers-legacy-390xx <ignored> (Non-free not supported)
@@ -33531,7 +33530,6 @@ CVE-2023-46400 (KWHotel 0.47 is vulnerable to CSV Formula Injection in the add g
 CVE-2024-0149 (NVIDIA GPU Display Driver for Linux contains a vulnerability which cou ...)
 	- nvidia-graphics-drivers 535.230.02-1 (bug #1093908)
 	[bookworm] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
-	[bullseye] - nvidia-graphics-drivers <ignored> (Non-free not supported)
 	- nvidia-graphics-drivers-legacy-340xx <unfixed> (bug #1093909)
 	- nvidia-graphics-drivers-legacy-390xx <unfixed> (bug #1093910)
 	[bullseye] - nvidia-graphics-drivers-legacy-390xx <no-dsa> (Non-free not supported)
@@ -33553,7 +33551,6 @@ CVE-2024-0149 (NVIDIA GPU Display Driver for Linux contains a vulnerability whic
 CVE-2024-0131 (NVIDIA GPU kernel driver for Windows and Linux contains a vulnerabilit ...)
 	- nvidia-graphics-drivers 535.230.02-1 (bug #1093908)
 	[bookworm] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
-	[bullseye] - nvidia-graphics-drivers <ignored> (Non-free not supported)
 	- nvidia-graphics-drivers-legacy-340xx <unfixed> (bug #1093909)
 	- nvidia-graphics-drivers-legacy-390xx <unfixed> (bug #1093910)
 	[bullseye] - nvidia-graphics-drivers-legacy-390xx <no-dsa> (Non-free not supported)
@@ -33574,12 +33571,10 @@ CVE-2024-0131 (NVIDIA GPU kernel driver for Windows and Linux contains a vulnera
 CVE-2024-53869 (NVIDIA Unified Memory driver for Linux contains a vulnerability where  ...)
 	- nvidia-graphics-drivers 535.230.02-1 (bug #1093908)
 	[bookworm] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
-	[bullseye] - nvidia-graphics-drivers <ignored> (Non-free not supported)
 	NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5614
 CVE-2024-0147 (NVIDIA GPU display driver for Windows and Linux contains a vulnerabili ...)
 	- nvidia-graphics-drivers 535.230.02-1 (bug #1093908)
 	[bookworm] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
-	[bullseye] - nvidia-graphics-drivers <ignored> (Non-free not supported)
 	- nvidia-graphics-drivers-legacy-340xx <unfixed> (bug #1093909)
 	- nvidia-graphics-drivers-legacy-390xx <unfixed> (bug #1093910)
 	[bullseye] - nvidia-graphics-drivers-legacy-390xx <no-dsa> (Non-free not supported)
@@ -33600,7 +33595,6 @@ CVE-2024-0147 (NVIDIA GPU display driver for Windows and Linux contains a vulner
 CVE-2024-0150 (NVIDIA GPU display driver for Windows and Linux contains a vulnerabili ...)
 	- nvidia-graphics-drivers 535.230.02-1 (bug #1093908)
 	[bookworm] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
-	[bullseye] - nvidia-graphics-drivers <ignored> (Non-free not supported)
 	- nvidia-graphics-drivers-legacy-340xx <unfixed> (bug #1093909)
 	- nvidia-graphics-drivers-legacy-390xx <unfixed> (bug #1093910)
 	[bullseye] - nvidia-graphics-drivers-legacy-390xx <no-dsa> (Non-free not supported)
@@ -61035,7 +61029,6 @@ CVE-2023-50355 (HCL Sametime is impacted by the error messages containing sensit
 CVE-2024-0126 (NVIDIA GPU Display Driver for Windows and Linux contains a vulnerabili ...)
 	- nvidia-graphics-drivers 535.216.01-1 (bug #1085968)
 	[bookworm] - nvidia-graphics-drivers 535.216.01-1~deb12u1
-	[bullseye] - nvidia-graphics-drivers <ignored> (Non-free not supported)
 	- nvidia-graphics-drivers-legacy-340xx <unfixed> (bug #1085969)
 	- nvidia-graphics-drivers-legacy-390xx <unfixed> (bug #1085970)
 	[bullseye] - nvidia-graphics-drivers-legacy-390xx <no-dsa> (Non-free not supported)
@@ -129506,7 +129499,6 @@ CVE-2024-0075 (NVIDIA GPU Display Driver for Windows and Linux contains a vulner
 	[experimental] - nvidia-graphics-drivers 535.161.07-1
 	- nvidia-graphics-drivers <unfixed> (bug #1064983)
 	[bookworm] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
-	[bullseye] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
 	- nvidia-graphics-drivers-tesla <unfixed> (bug #1064990)
 	[bookworm] - nvidia-graphics-drivers-tesla <no-dsa> (Non-free not supported)
 	[experimental] - nvidia-open-gpu-kernel-modules 550.54.15-1
@@ -203705,7 +203697,6 @@ CVE-2023-0183 (NVIDIA GPU Display Driver for Linux contains a vulnerability in t
 	- nvidia-open-gpu-kernel-modules 525.105.17-1 (bug #1033783)
 	- nvidia-graphics-drivers-tesla 525.105.17-1 (bug #1033782)
 	- nvidia-graphics-drivers 525.105.17-1 (bug #1033774)
-	[bullseye] - nvidia-graphics-drivers <no-dsa> (non-free not supported)
 	[buster] - nvidia-graphics-drivers <ignored> (Non-free not supported, no updates provided by Nvidia anymore)
 	NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5452
 CVE-2023-0182 (NVIDIA GPU Display Driver for Windows contains a vulnerability in the  ...)
@@ -228070,7 +228061,6 @@ CVE-2022-42256 (NVIDIA GPU Display Driver for Linux contains a vulnerability in
 	- nvidia-open-gpu-kernel-modules 515.86.01-1
 CVE-2022-42255 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...)
 	- nvidia-graphics-drivers 510.108.03-1 (bug #1025279)
-	[bullseye] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
 	[buster] - nvidia-graphics-drivers <ignored> (Non-free not supported, no updates provided by Nvidia anymore)
 	- nvidia-graphics-drivers-tesla 510.108.03-1 (bug #1025287)
 	- nvidia-graphics-drivers-tesla-418 <unfixed> (bug #1025282)
@@ -228084,7 +228074,6 @@ CVE-2022-42255 (NVIDIA GPU Display Driver for Linux contains a vulnerability in
 	- nvidia-open-gpu-kernel-modules 515.86.01-1
 CVE-2022-42254 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...)
 	- nvidia-graphics-drivers 510.108.03-1 (bug #1025279)
-	[bullseye] - nvidia-graphics-drivers 470.161.03-1
 	[buster] - nvidia-graphics-drivers <ignored> (Non-free not supported, no updates provided by Nvidia anymore)
 	- nvidia-graphics-drivers-tesla 510.108.03-1 (bug #1025287)
 	- nvidia-graphics-drivers-tesla-418 <unfixed> (bug #1025282)
@@ -248696,7 +248685,6 @@ CVE-2022-34685 (Azure RTOS GUIX Studio Information Disclosure Vulnerability)
 	NOT-FOR-US: Microsoft
 CVE-2022-34684 (NVIDIA GPU Display Driver for Linux contains a vulnerability in the ke ...)
 	- nvidia-graphics-drivers 510.108.03-1 (bug #1025279)
-	[bullseye] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
 	[buster] - nvidia-graphics-drivers <ignored> (Non-free not supported, no updates provided by Nvidia anymore)
 	- nvidia-graphics-drivers-tesla 510.108.03-1 (bug #1025287)
 	- nvidia-graphics-drivers-tesla-470 470.161.03-1 (bug #1025285)


=====================================
data/dla-needed.txt
=====================================
@@ -269,6 +269,10 @@ nsis
 nvidia-cuda-toolkit
   NOTE: 20241004: Added by Front-Desk (Beuc)
 --
+nvidia-graphics-drivers
+  NOTE: 20250505: Added by Front-Desk (Beuc)
+  NOTE: 20250505: Non-free, but sponsored (Beuc/front-desk)
+--
 odoo
   NOTE: 20250303: Added by Front-Desk (rouca)
   NOTE: 20250320: In discussion to be EOL'ed: https://bugs.debian.org/1100929. Let's keep odoo here until we decide (santiago)
@@ -283,7 +287,7 @@ opencryptoki
   NOTE: 20250505: For CVE-2024-0914 ("Marvin Attack"),
   NOTE: 20250505: we probably need to backport a few constant-time pre-requisite commits:
   NOTE: 20250505: https://github.com/opencryptoki/opencryptoki/issues/731#issuecomment-1851436555
-  NOTE: 20250505: Cf. #1104729 to determine whether fix or ignore this in all dists (Beuc/front-desk)
+  NOTE: 20250505: Cf. #1104729 to determine whether to fix or ignore this in all dists (Beuc/front-desk)
 --
 openjdk-11 (roberto)
   NOTE: 20250429: Added by Front-Desk (lamby)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3c7b234cc2db1ae0d967693a7c6427bbf8bd2ed0...50cb074c0f6b0248c4e473ab21b36949fcdb1cfc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/3c7b234cc2db1ae0d967693a7c6427bbf8bd2ed0...50cb074c0f6b0248c4e473ab21b36949fcdb1cfc
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250505/a23ecf6c/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list